Hello!
On Wed, Mar 01, 2017 at 07:32:03AM -0500, user384829 wrote:
> Hi,
> I am wanting to resolve upstream hostnames used for proxy_pass inline with
> the TTL of the DNS record but when I add this configuration the response
> from nginx is MUCH slower.
> I've run tcpdump and the upstream DNS record is be resolved and reresolved
> as TTL would dictate.
> But requests are slower even when the TTL has not expired and nginx is not
> attempting to resolve the record.
>> The difference is quite large: 0.3s vs 1s.
>> Measured like this:
> curl -w "%{response_code} %{time_total}\n" -s -o /dev/null
> 'http://my_nginx_host/api/something_something>>> == Slow Configuration ===
>> resolver 8.8.8.8 8.8.4.4 ipv6=off;
> server {
> listen 80;
> set $upstream_host https://my.upstream-host.com;> location ~ /api/ {
> rewrite /api/(.*) /$1 break;
> proxy_pass $upstream_host;
> }
> }
[...]
> What am I missing here? Is it because the upstream host is using HTTPS? I am
> using version 1.11.10.
Yes. You are using https and you are using dynamic address
resolution, so SSL session caching doesn't work.
See detailed explaination in the response as send on this mailing
list yesterday,
http://mailman.nginx.org/pipermail/nginx/2017-February/053042.html.
--
Maxim Dounin
http://nginx.org/